lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAH5fLghx7K1fsdx15VsaTT1i3DRQD8zH2Yd-sEwumiByefTVAQ@mail.gmail.com>
Date: Thu, 21 Aug 2025 11:45:11 +0200
From: Alice Ryhl <aliceryhl@...gle.com>
To: Andrew Morton <akpm@...ux-foundation.org>
Cc: Baptiste Lepers <baptiste.lepers@...il.com>, Lorenzo Stoakes <lorenzo.stoakes@...cle.com>, 
	"Liam R. Howlett" <Liam.Howlett@...cle.com>, Miguel Ojeda <ojeda@...nel.org>, 
	Alex Gaynor <alex.gaynor@...il.com>, Boqun Feng <boqun.feng@...il.com>, 
	Gary Guo <gary@...yguo.net>, Björn Roy Baron <bjorn3_gh@...tonmail.com>, 
	Benno Lossin <lossin@...nel.org>, Andreas Hindborg <a.hindborg@...nel.org>, 
	Trevor Gross <tmgross@...ch.edu>, Danilo Krummrich <dakr@...nel.org>, Jann Horn <jannh@...gle.com>, 
	linux-mm@...ck.org, rust-for-linux@...r.kernel.org, 
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] rust: mm: Mark VmaNew as transparent

On Thu, Aug 21, 2025 at 1:29 AM Andrew Morton <akpm@...ux-foundation.org> wrote:
>
> On Tue, 12 Aug 2025 15:26:56 +0200 Baptiste Lepers <baptiste.lepers@...il.com> wrote:
>
> > Unsafe code in VmaNew's methods assumes that the type has the same
> > layout as the inner `bindings::vm_area_struct`. This is not guaranteed by
> > the default struct representation in Rust, but requires specifying the
> > `transparent` representation.
> >
> > ...
> >
> > +++ b/rust/kernel/mm/virt.rs
> > @@ -209,6 +209,7 @@ pub fn vm_insert_page(&self, address: usize, page: &Page) -> Result {
> >  ///
> >  /// For the duration of 'a, the referenced vma must be undergoing initialization in an
> >  /// `f_ops->mmap()` hook.
> > +#[repr(transparent)]
> >  pub struct VmaNew {
> >      vma: VmaRef,
> >  }
>
> Alice suggests that I add a cc:stable to this.  But I see nothing in
> the changelog which explains why we're proposing a backport.
>
> So please send us a description of the userspace-visible runtime
> impact of this flaw and I'll paste it into the changelog, thanks.

I don't think it has any userspace-visible runtime impact. But I've
seen many things get backported when they are incorrect even if it
works in practice, so that is why I suggested to backport it anyway.

The annotation makes it so that VmaNew is guaranteed to have the same
layout and ABI as struct vm_area_struct, which is required for
correctness. Without the annotation, rustc doesn't *guarantee* that
the layout/ABI is identical, but in this case, they are identical in
practice even if the annotation is missing.

Alice

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ